Usable authentication for mobile banking

Abstract

Mobile banking is attractive because it allows people to do banking anytime, anywhere. One of the requirements of performing a mobile banking transaction is that users are required to login before use. The current mobile banking login method is PIN authentication; however, results from other research studies have found that there are usability concerns of using PINs. To overcome some of the concerns, researchers have suggested the use graphical passwords. In this research, we argue that another alternative input technique can be utilized. We explore a novel password input approach, called gesture passwords, of using 3-dimensional discrete gesture motions as password elements. As a result, three systems (PINs, graphical passwords and gesture passwords) were compared. This dissertation describes the design of two mobile authentication techniques: combinational graphical passwords and gesture passwords. These systems were implemented as prototypes. The prototypes along with a PIN authenticator were evaluated with users. User experience and password retention were evaluated to determine the usability and users’ acceptance of each system. Experiments were conducted to evaluate the above. Results from the experiments show that users were able to use all of the testing systems; however, the results reveal that users are more proficient and preferred to use PINs for mobile banking authentication than the other two systems.